On Fri, 25 Mar 2011 08:15:32 +0100 Torsten Veller <ml...@veller.net> wrote:
> Do you want to reject signed commits if > - keys are not publicly available [1] We'll need to define what does 'public availability' exactly mean? Does that mean a specific keyserver? > - keys are revoked [3] How about manifests signed before the key was revoked? -- Best regards, Michał Górny
signature.asc
Description: PGP signature